IBM Mainframe Forum

Hi,

I will be creating few datasets on weekly basis, i need to generate list of users who has access the datasets, is there any mechanism to the get the list.

why not speak top Your support ???

if You have the business need they will be happy to provide You with the proper advice

Hello and welcome to the forum,

i need to generate list of users who has access the datasets

Why does someone believe such a list is needed?

What about those who actually open these dataset in addition to being able to access them?

Access is controlled via the security software -- RACF, ACF2, TOP SECRET among them -- and may include many people who never open a single one of these data sets. Finding out who opened a data set will require using the SMF records.

I think your first issue is to determine whether you want to know who COULD open your data sets, or who DID open your data sets -- security package and SMF data records are very different types of data.

Thanks Every body.

Robert Sample wrote:Access is controlled via the security software -- RACF, ACF2, TOP SECRET among them -- and may include many people who never open a single one of these data sets. Finding out who opened a data set will require using the SMF records.

I think your first issue is to determine whether you want to know who COULD open your data sets, or who DID open your data sets -- security package and SMF data records are very different types of data.

@Robert: Thanks for the info, I have list of datasets generated by me. I need list of users who did open the datasets. Please help me in getting the list.

dick scherrer wrote:Hello and welcome to the forum,

i need to generate list of users who has access the datasets

Why does someone believe such a list is needed?

What about those who actually open these dataset in addition to being able to access them?

@Dick: Thank you Dick. I need to include them as well in the list.

enrico-sorichetti wrote:why not speak top Your support ???

if You have the business need they will be happy to provide You with the proper advice

@Enrico: There was a business need with this requirement, so i need to generate the report.

enrico-sorichetti wrote:why not speak top Your support ???

if You have the business need they will be happy to provide You with the proper advice


@Enrico: There was a business need with this requirement, so i need to generate the report.

Why should a business need stop you from going to your support who are also there to support the business? They could, possibly, give you a job to run that will do what you need.

Robert Sample wrote:Access is controlled via the security software -- RACF, ACF2, TOP SECRET among them -- and may include many people who never open a single one of these data sets. Finding out who opened a data set will require using the SMF records.

I think your first issue is to determine whether you want to know who COULD open your data sets, or who DID open your data sets -- security package and SMF data records are very different types of data.



@Robert: Thanks for the info, I have list of datasets generated by me. I need list of users who did open the datasets. Please help me in getting the list.

Robert has helped you to get the list. You need to access the SMF records to find who has actualy opened the datasets as he has said. Now you have to go and speak to the people who handle the SMF records in your organisation. There is a business need so they cannot refuse to help.

the term/construct business need means that the requirement is known/suppoorted organization wide,

so that You are authorized/requested to involve the proper functions
-- in this case audit/storage/security support

to check if something alike is in place
-- in order not to reinvent the wheel

and to be advised about the proper practices to be used in Your organization.

and to be advised about the tools already available

not wanting to contact the proper functions inside Your organization implies
that Your requirement is not an organization wide business need


PS.
reporting on dataset access id a task that is commonly done everywhere
so there should be no need to reinvent anything

just get in touch with the audit/storage/security people in order to add
Your datasets to the audit list

Hello,

To get the list of who opened what, yu want to use something that should already exist.

You do not want to start from scratch to read the raw SMF data to get your info. . .

If these are your datasets the quickest/easiest way to find out who is accessing them is to change UACC to NONE and Failed Accesses to warn. This will write a message to the syslog every time someone accesses the datasets. Then you don't have the hassle of going through the SMF data.